Are the Rewards of Social Media Worth the Risk for Your Financial Institution?

August 2016 | Article

The world of technology continues to expand and with it, various risks surrounding its use. From Facebook to Yelp, social media can be a powerful tool to connect with customers, but if poorly managed, can lead to damaging risk in your organization.

In December 2013, the Federal Financial Institutions Examination Council (FFIEC) published “Social Media: Consumer Compliance Risk Management Guidance.” This guidance does not impose new regulatory requirements on financial institutions, but it does provide financial institutions with expectations for managing risks associated with using social media. The guidance provides insight on how the use of social media impacts already existing regulations.

Monitoring Risks
A financial institution’s social media risk management program should consist of methods to identify, measure, monitor and control risks associated with its use. The more involved an organization is in social media, the more robust their program should be. Even if an organization chooses not to actively participate in social media spaces, they cannot ignore the possible risks that may arise from others using it to express negative comments or complaints about the organization.

Components of a strong social media risk management program include:

  • A governance structure outlining roles and responsibilities directing how social media will be used to contribute to the organization’s goals
  • Policies and procedures related to the use and monitoring of social media and compliance with other related consumer protection regulations
  • A risk management process for selecting and managing third-party relationships connected with social media
  • An employee training program
  • An oversight process for monitoring information posted to social media sites
  • Audit and compliance functions to ensure compliance with policies and regulations
  • Parameters for reporting to the financial institution’s board of directors on the effectiveness of the social media program

Risk Profile Likely to Change
An organization’s risk profile can take on an entirely new look when engaging in social media—increased compliance, operational, and reputation risk can result. The same requirements outlined in existing regulations apply when delivering products and services through a social media network. Whether you allow customers to open a deposit account or apply for a loan, the same rules followed when conducting these activities through more traditional venues apply when delivering them using social media.

Some regulations to consider when offering deposit and loan products through social media include:

  • Truth in Savings Act/Regulation DD – If promoting products using triggering terms such as an Annual Percentage Yield (APY) or a bonus, the required additional disclosures must also be included in a way that does not mislead or misrepresent the actual features of the product.
  • Equal Credit Opportunity Act/Regulation B – Use care in promoting loan products so as not to discourage anyone from applying based on a prohibited basis. Be prepared to act upon applications received through social media networks within required timeframes.
  • Truth in Lending/Regulation Z – When promoting loan products, ensure required disclosures are provided if terms triggering additional disclosures have been used.
  • Real Estate Settlement Procedures Act (RESPA) – Be mindful of any arrangements that could result in violations of Section 8 of RESPA, particularly referral arrangements or arrangements with settlement service providers. Respond to loan applications received through social media within required timeframes.
  • Fair Debt Collections Practices Act – Use of social media to contact consumers (or their families and friends) with past due loans may be in violation of the act.
  • Unfair or Deceptive Acts or Practices (UDAP) – Ensure any information communicated using a social network is accurate and free of content that could be misleading.
  • Deposit Insurance – Carefully use FDIC insurance logos when promoting insured products; and likewise, do not include it when promoting products that are not FDIC insured.

As you embark on this journey through the unlimited boundaries of social media, think carefully about how its use aligns with your organization’s strategic goals and what you intend to accomplish through its use. Carefully evaluate the impact this journey could have on your organization’s compliance, reputational, and operational risks and whether the benefits outweigh the added risk. Properly managed, the world of social media can provide endless opportunities and expand your outreach beyond what could be realized through more traditional channels.

Stay current on your favorite topics


Learn More

See what more we can bring to organizations just like yours.

Financial Institutions

Take a deeper dive into this Insight’s subject matter.

Risk Advisory